CVE-2020-18232

Опубликовано: 22 авг. 2023

Источник: redhat

CVSS3: 7.8

Описание

Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.

A flaw was found in HDF5, which allows a local, authenticated attacker to execute arbitrary code on the system, caused by improper bounds checking by the H5S_close function in H5S.c. By using a specially crafted file, an attacker can execute arbitrary code on the system.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenStack Platform 16.1	hdf5	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-119

https://bugzilla.redhat.com/show_bug.cgi?id=2234888hdf5: Buffer Overflow in function H5S_close in H5S.c

7.8 High

CVSS3

Связанные уязвимости

CVE-2020-18232

CVSS3: 8.8

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.

CVE-2020-18232

CVSS3: 8.8

nvd

больше 2 лет назад

Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.

CVE-2020-18232

CVSS3: 8.8

debian

больше 2 лет назад

Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1 ...

GHSA-fmx4-j82v-hgw3

CVSS3: 8.8

github

больше 2 лет назад

Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.

7.8 High

CVSS3